The invention relates generally to an access card system and more specifically to a system which uses and controls a smart card for consumer commercial and/or proprietary transactions.
The term “smart card” generally refers to a transaction card having a credit card form factor that includes a built-in microprocessor and a memory element. A smart card can store user information in the memory element and utilizes a program operating on the microprocessor to process transactions.
A smart card may be programmed to allow it to have several functional personalities. For example, a smart card can be programmed as a bank debit card, store-value card, credit card, personal identification card and healthcare card. Further, one smart card may be programmed to hold several personalities thereon from which the user can select one personality to use. For privacy and security reasons, it is preferable to ensure that each personality and its related data are sufficiently isolated from each other.
In a typical transaction using a smart card, a user makes a purchase at a merchant using the smart card as a credit card. At the merchant site, the merchant has a card accepting device, or card reader, to provide an interface for the smart card to the merchant transaction server. The merchant transaction server is connected via a network to a server of the card issuer. The server of the card issuer processes the transaction request related to the purchase. For a typical transaction, initially, the merchant enters the purchase amount into a terminal connected to the merchant server. Next, the smart card is inserted into the card reader and the user enters his PIN on the terminal to authenticate the user. The transaction information comprising the transaction type, the amount and the PIN authorization request is collected by the merchant server, sent to the account server and processed by the card server. Any responses generated by the account server are provided back to the merchant server.
Using the merchant's card reader as a terminal for entering the user's information raises two security issues. First, using the merchant's terminal to enter personal information introduces a data access point which is not fully controlled by the user. Someone may literally look over the user's shoulder and obtain the PIN entered by the user. Second, as the user enters information on the terminal through the card reader, the user has no control over the data communications sent amongst the card reader, the terminal and the merchant server. The data entered by the user is thus susceptible to interception or redirection in that system.
It is therefore desirable to have a smart card that addresses these data security and integrity issues.
Additionally, transaction related data is typically stored in an account database associated with each smart card by the card issuer's server. A cardholder wishing to review transaction history may need to communicate with the card issuer's server in order to retrieve the transaction data. This may inconvenience a cardholder. Further, it is often necessary to connect to a card issuer's server or to speak to a human operator of the card issuer to perform an account management task, such as increasing credit limit or disputing a transaction. A cardholder may wish to review the transaction history off-line. A cardholder may also wish to enter an account management request, for example, to dispute a transaction, while reviewing the transaction history off-line. It is therefore desirable to have a smart card and a method using the smart card that permit a cardholder to review transaction history off-line or to enter account management requests, i.e., account database operation requests, off-line for later batch processing.
There is a need for a system which addresses these security issues of existing smart cards.
In a first aspect, a system for authenticating a user for an account is provided. The system comprises a form factor enclosing a microprocessor, a first memory associated with the microprocessor, authentication information stored in the first memory for the account, a display device, a microcontroller in communication with the microprocessor, a second memory associated with the microcontroller, an input device providing a data entry interface for the user to the form factor and a card reader interface selectively connecting the microprocessor to a remote card reader. In the system, the microcontroller is adapted to receive authentication data from the input device provided by the user, to evaluate the authentication data against the authentication information and to enable the card reader interface if the authentication data is validated against the authentication information.
In the system, there may be unique microcontroller identification information relating to the microcontroller and microprocessor identification information relating to the microprocessor. Further, the microcontroller may be further adapted to evaluate (i) the unique microcontroller identification information against the microcontroller and (ii) the microprocessor identification information against the microprocessor. Further still, the microcontroller may be adapted to enable the card reader interface if (i) the unique microcontroller identification information is validated against the microcontroller and (ii) the microprocessor identification information is validated against the microprocessor.
The system may have the microcontroller identification information stored in the first memory and the microprocessor identification information stored in the second memory.
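The gating behaviour described in the preceding paragraphs can be modelled as follows. This is an added example, not code from the patent: the salted PBKDF2 PIN hash, the class and field names, and the sample identifiers are assumptions chosen for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

def pin_digest(pin: str, salt: bytes) -> bytes:
    # Assumption: the "authentication information" is a salted PIN hash.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

@dataclass
class Microprocessor:
    hw_id: bytes            # identity of the microprocessor itself
    auth_info: bytes        # first memory: authentication information
    salt: bytes             # first memory: salt for the PIN hash (assumed)
    expected_mcu_id: bytes  # first memory: microcontroller identification info

@dataclass
class Microcontroller:
    hw_id: bytes            # identity of the microcontroller itself
    expected_mpu_id: bytes  # second memory: microprocessor identification info
    reader_enabled: bool = False

    def unlock(self, mpu: Microprocessor, pin: str) -> bool:
        """Enable the card reader interface only if all three checks pass."""
        pin_ok = hmac.compare_digest(pin_digest(pin, mpu.salt), mpu.auth_info)
        mcu_ok = hmac.compare_digest(mpu.expected_mcu_id, self.hw_id)
        mpu_ok = hmac.compare_digest(self.expected_mpu_id, mpu.hw_id)
        # All three checks are evaluated before the decision is taken, and a
        # failed attempt leaves the interface disabled.
        self.reader_enabled = pin_ok and mcu_ok and mpu_ok
        return self.reader_enabled

def build_card(pin: str):
    """Constructed sample card whose two components are paired."""
    salt = b"constructed-salt"
    mpu = Microprocessor(b"MPU-0001", pin_digest(pin, salt), salt, b"MCU-0001")
    mcu = Microcontroller(b"MCU-0001", expected_mpu_id=b"MPU-0001")
    return mcu, mpu
```

Because each component holds the identification information of the other, a correct PIN alone does not enable the interface when either chip has been replaced.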
The system may have the input device being a keypad.
The system may generate an account transaction request which is communicated to an account server associated with a central administration system for the account through a third party server.
The system may encode the account transaction request from the third party server.
The system may encode the account transaction request in a message.
The system may further receive and process a response message from the account server.
The system may further extract and store transaction data from the response message and display a report summarizing the transaction data when requested by the user.
In the system, the transaction request may provide a transaction amount to the account server for verification against a transaction amount provided to the account server by the third party server.
In the system, the transaction request may provide an account limit adjustment request to the account server.
In the system, the microcontroller may be further adapted to enable uploading of the transaction data to a remote device through the card reader interface.
In the system, the microcontroller may be enabled to provide access to several accounts and account servers.
In the system, one of the accounts may be selected from a health card account and a credit card account.
In the system, the microcontroller may be enabled to provide limited access to the account when an involuntary access process is activated by the user.
In a second aspect, a method of providing a transaction request related to an account from an account card to an account server through a third party system is provided. The method comprises generating the transaction request on the account card and after connecting the account card to the third party system via a card reader, transmitting the transaction request from the account card to the account server through the third party system for further processing by the account server while encrypting contents of the transaction request from the third party system.
In the method, before generating the transaction request, a user of the account card may be required to provide authorization data via an input device on the account card to authorize operation of the account card.
In the method, parameters for the transaction request may be generated on the account card via accepting input from the input device.
In the method, the transaction request may be a request to amend a limit associated with the account.
In the method, the transaction request may contain an amount associated with a transaction, which is provided to the account server for verification against a second amount associated with the transaction provided by the third party system.
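The amount verification described above can be sketched from the account server's side. This is an added example, not part of the patent: the message layout, key and function names are assumptions, and an HMAC tag stands in for the protection of the card's request because the text names no algorithm and the encryption it calls for is not implemented here.

```python
import hashlib
import hmac
import json

CARD_KEY = b"constructed-demo-key-shared-with-issuer"  # constructed sample key

def card_build_request(key: bytes, account: str, amount_cents: int) -> dict:
    """On the card: build the request from keypad input and tag it."""
    body = json.dumps({"account": account, "amount_cents": amount_cents},
                      sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body.decode(), "tag": tag}

def merchant_forward(card_request: dict, merchant_amount_cents: int) -> dict:
    """Third party system: relays the card's request beside its own amount."""
    return {"card_request": card_request,
            "merchant_amount_cents": merchant_amount_cents}

def server_verify(key: bytes, message: dict) -> str:
    """Account server: authenticate the card's request, then compare amounts."""
    req = message["card_request"]
    expected = hmac.new(key, req["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, req["tag"]):
        return "REJECT_TAMPERED"
    card_amount = json.loads(req["body"])["amount_cents"]
    if card_amount != message["merchant_amount_cents"]:
        return "REJECT_AMOUNT_MISMATCH"
    return "APPROVE"
```

The third party system holds no card key, so it can neither alter the card's amount undetected nor submit a different amount of its own without the comparison failing.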
In other aspects of the invention, various combinations and subsets of the above aspects are provided.